Need to add support for multiple URLs in Hardening Manifest due to dynamic CRAN Repo URLs
Opening a new issue to address this; it was previously discussed in #4 (closed).
I initially spoke with @blake.burkhart on Mattermost (CHT channel) about modifying the way the hardening manifest works. I haven't yet heard back. The underlying R library URLs expire once there is a new library version available and it gets moved to an archived URL.
Example:
Expired URL: http://lib.stat.cmu.edu/R/CRAN/src/contrib/utf8_1.2.1.tar.gz
New URL: http://lib.stat.cmu.edu/R/CRAN/src/contrib/Archive/utf8/utf8_1.2.1.tar.gz
You can see the above scenario happening here: (https://repo1.dso.mil/dsop/opensource/r/r-studio/-/jobs/5705243#L158). This causes the import artifacts stage to fail on this particular URL, as it has now moved to an archived URL.
What I was initially proposing was having a secondary or backup URL that can be defined in the hardening manifest for the resources. The SHA and filename would be exactly the same, it would just try both URLs sequentially. The second link, in this case, being the archived URL location.
As of right now, during the 12 hours of continuous monitoring that IB implements, the import artifacts stage will fail anytime there is a new version of an R library available. This is an issue for any R-based container that goes through the IB Hardening process because of the way the CRAN repo URLs are provided upstream. I can fix the current build, albeit temporarily, until it breaks again. Please let me know if this is something CHT/IB can support in the form of an additional resource URL in the Hardening Manifest.
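
The fallback behaviour proposed above, sketched as an added example that is not part of the original issue and not Iron Bank pipeline code: each URL is tried in order, and content is accepted only if its SHA-256 matches the single pinned value, so the backup location cannot supply different bytes. The function names, the injectable `fetch` parameter and the sample bytes are assumptions made for illustration; only the two URLs come from the issue.

```python
import hashlib
import urllib.request
from typing import Callable, Iterable, Tuple


class ResourceError(Exception):
    """No candidate URL produced bytes matching the pinned digest."""


def http_get(url: str) -> bytes:
    # Default fetcher; urlopen raises on HTTP errors such as 404.
    with urllib.request.urlopen(url, timeout=30) as resp:
        return resp.read()


def fetch_pinned(urls: Iterable[str], sha256_hex: str,
                 fetch: Callable[[str], bytes] = http_get) -> Tuple[str, bytes]:
    """Try each URL in order; return (url, content) for the first SHA-256 match.

    A fetch error or a digest mismatch moves on to the next URL.
    """
    failures = []
    for url in urls:
        try:
            data = fetch(url)
        except Exception as exc:  # e.g. 404 once the package moved to Archive/
            failures.append(f"{url}: fetch failed ({exc})")
            continue
        digest = hashlib.sha256(data).hexdigest()
        if digest != sha256_hex.lower():
            failures.append(f"{url}: sha256 mismatch ({digest})")
            continue
        return url, data
    raise ResourceError("; ".join(failures) or "no URLs given")


# Constructed sample: stand-in bytes for the tarball, and a fake mirror where
# the original path is gone and only the Archive/ path still serves the file.
PRIMARY = "http://lib.stat.cmu.edu/R/CRAN/src/contrib/utf8_1.2.1.tar.gz"
ARCHIVE = "http://lib.stat.cmu.edu/R/CRAN/src/contrib/Archive/utf8/utf8_1.2.1.tar.gz"
SAMPLE_BYTES = b"constructed stand-in for utf8_1.2.1.tar.gz"
SAMPLE_SHA256 = hashlib.sha256(SAMPLE_BYTES).hexdigest()


def fake_mirror(url: str) -> bytes:
    if url == ARCHIVE:
        return SAMPLE_BYTES
    raise FileNotFoundError("404 Not Found")
```

Calling `fetch_pinned([PRIMARY, ARCHIVE], SAMPLE_SHA256, fetch=fake_mirror)` returns the archived URL and the sample bytes; with the default fetcher the same call goes over the network.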